* guix/scripts/package.scm (search-path-environment-variables): Add
local 'files' variable.
* tests/packages.scm ("--search-paths with pattern"): New test.
Appending to "raw" args broke optional parameters in 'guix package -I'
and 'guix package -A', and possibly other places. Therefore, switch to
parsing each set of options on its own and append resulting alists
together afterwards.
* guix/scripts/archive.scm (parse-options-from): Rename from
(parse-options) and add explicit argument. New form of (parse-options)
using its old algorithm via -from function.
* guix/scripts/build.scm: Ditto.
* guix/scripts/environment.scm: Ditto.
* guix/scripts/package.scm: Ditto.
* guix/scripts/system.scm: Ditto.
* tests/guix-package.sh: Add test.
* doc/guix.texi (Invoking guix build): Make it clear that the options
are parsed independently.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* guix/scripts/lint.scm (starts-with-abbreviation?): New procedure.
(check-synopsis-style)[check-start-with-package-name]: Use it.
* tests/lint.scm ("synopsis: start with abbreviation"): New test.
* guix/scripts/lint.scm (package-name-regexp): New procedure.
(check-synopsis-style)[check-start-with-package-name]: Use it instead
of 'string-prefix-ci?'.
* tests/lint.scm ("synopsis: start with package name prefix"): New test.
* tests/lint.scm ("description: may start with a digit"): Replace
(not (string-contains exp str)) with (string-null? exp).
("description: may start with lower-case package name"): Likewise.
("description: end-of-sentence detection with abbreviations"):
Likewise.
("synopsis: may start with a digit"): Likewise.
("synopsis: ends with 'etc.'"): Likewise.
Fixes <http://bugs.gnu.org/18935>.
Reported by Mark H Weaver <mhw@netris.org>.
Previously, if tests/nar.scm ran concurrently with tests/gexp.scm, the
store item "foo" containing the string "Hello, world!" could be
deleted (via 'delete-paths') from the tests/nar.scm daemon while the
tests/gexp.scm daemon would still consider it live.
* tests/nar.scm ("restore-file-set (missing signature)"):
Use (random-text) rather than "Hello, world!", to avoid concurrent
deletion of store item "foo" used in tests/gexp.scm.
* guix/store.scm (run-gc): Add calls to 'hash-clear!'.
* tests/store.scm ("add-text-to-store vs. delete-paths",
"add-to-store vs. delete-paths"): New tests.
Reported by Andreas Enge <andreas@enge.fr>.
* guix/packages.scm (first-value): New macro.
(package-transitive-supported-systems): Rewrite to traverse all the
DAG rooted at PACKAGE.
* tests/packages.scm ("package-transitive-supported-systems"): Add 'd'
and 'e', and test them.
Thanks to Mark H. Weaver <mhw@netris.org> for insightful discussions
and suggestions.
* guix/packages.scm (<package>)[graft]: New field.
(patch-and-repack): Invoke 'package-derivation' with #:graft? #f.
(package-source-derivation): Likewise. Do not use (%guile-for-build)
in call to 'patch-and-repack', and we could end up using a grafted
Guile.
(expand-input): Likewise, also for 'package-cross-derivation' call.
(package->bag): Add #:graft? parameter. Honor it. Use 'strip-append'
instead of 'package-full-name'.
(input-graft, input-cross-graft, bag-grafts, package-grafts): New
procedures.
(package-derivation, package-cross-derivation): Add #:graft? parameter
and honor it.
* gnu/packages/bootstrap.scm (package-with-bootstrap-guile): Add
recursive call on 'graft'.
* guix/build-system/gnu.scm (package-with-explicit-inputs,
package-with-extra-configure-variable, static-package): Likewise.
(gnu-build): Use the ungrafted Guile to avoid full rebuilds.
(gnu-cross-build): Likewise.
* guix/build-system/cmake.scm (cmake-build): Likewise.
* guix/build-system/glib-or-gtk.scm (glib-or-gtk-build): Likewise.
* guix/build-system/perl.scm (perl-build): Likewise.
* guix/build-system/python.scm (python-build): Likewise.
* guix/build-system/ruby.scm (ruby-build): Likewise.
* guix/build-system/trivial.scm (guile-for-build): Likewise.
* tests/packages.scm ("package-derivation, direct graft",
"package-cross-derivation, direct graft", "package-grafts,
indirect grafts", "package-grafts, indirect grafts, cross",
"package-grafts, indirect grafts, propagated inputs",
"package-derivation, indirect grafts"): New tests.
("bag->derivation", "bag->derivation, cross-compilation"): Wrap in
'parameterize'.
* doc/guix.texi (Security Updates): New node.
(Invoking guix build): Document --no-graft.
* guix/tests.scm (derivation-narinfo, call-with-derivation-narinfo): New
procedures.
(with-derivation-narinfo): New macro.
* tests/derivations.scm ("derivation-prerequisites-to-build and
substitutes"): Use them.
* guix/scripts/lint.scm (check-description-style): Exception for
upper-case rule if the description starts with the package name.
* tests/lint.scm: Test it.
* guix/scripts/lint.scm (start-with-capital-letter?): Rename too...
(properly-starts-sentence?): Rewrite with regex and add digits.
(check-description-style, check-synopsis-style): Use it.
* tests/lint.scm: Add tests.
* guix/scripts/lint.scm (start-with-capital-letter?): Handle empty
strings.
(check-description-style): New check for end-of-sentence space.
* tests/lint.scm: Test it.
* guix/packages.scm (package-transitive-supported-systems): New procedure.
* tests/packages.scm ("package-transitive-supported-systems"): New test.
* build-aux/hydra/gnu-system.scm (package->job): Use it.
* guix/derivations.scm (<graft>): New record type.
(graft-derivation): Rename 'replacements' to 'grafts', and expect it
to be a list of <graft> records. Adjust accordingly.
* tests/derivations.scm ("graft-derivation"): Use 'graft' instead of
pairs in argument to 'graft-derivation'.
* guix/scripts/package.scm (switch-to-generation): New procedure.
(switch-to-previous-generation): Use it.
(guix-package): Adjust for '--switch-generation' option.
* tests/guix-package.sh: Test it.
* doc/guix.texi (Invoking guix package): Document it.
Fixes <http://bugs.gnu.org/18690>.
Reported by Philip Woods <elzairthesorcerer@gmail.com>.
* tests/syscalls.scm ("swapoff, EINVAL/EPERM"): Rename to...
("swapoff, ENOENT/EINVAL/EPERM"): ... this. Add ENOENT to the list of
possible return values.
Fixes a regression introduced in commit 300868ba.
* tests/guix-package.sh: Move 'module_dir' definition to the top, and
"rm -rf" it from the top-most 'trap'. Remove second use of 'trap'.
* guix/scripts/substitute-binary.scm (%cache-url): Ignore the
'GUIX_BINARY_SUBSTITUTE_URL' environment variable.
* test-env.in: Invoke 'guix-daemon' with '--substitute-urls'.
* tests/substitute-binary.scm: Set '%cache-url' to the value of
'GUIX_BINARY_SUBSTITUTE_URL'.
* guix/packages.scm (<package> printer): Check whether LOC is #f.
* tests/packages.scm ("printer with location", "printer without
location"): New tests.
* guix/derivations.scm (graft-derivation): New procedure.
* guix/build/graft.scm: New file.
* Makefile.am (MODULES): Add it.
* tests/derivations.scm ("graft-derivation"): New test.
* guix/scripts/lint.scm (check-start-article): use "string-ci=?" instead of
"string=?".
* tests/lint.scm ("synopsis: starts with 'a'",
"synopsis: starts with 'an'"): New tests.
* guix/scripts/lint.scm (check-description-style,
check-synopsis-start-upper-case): New methods.
* tests/lint.scm ("description: does not start with an upper-case letter",
"synopsis: does not start with an upper-case letter"): New tests.
* guix/build-system.scm (<build-system>)[build, cross-build]: Remove.
[lower]: New field.
(<bag>): New record type.
(make-bag): New procedure.
* guix/packages.scm (bag-transitive-inputs, bag-transitive-build-inputs,
bag-transitive-host-inputs, bag-transitive-target-inputs,
package->bag): New procedures.
(package-derivation): Use it; use the bag, apply its build procedure,
etc.
(package-cross-derivation): Likewise.
* gnu/packages/bootstrap.scm (raw-build, make-raw-bag): New procedure.
(%bootstrap-guile): Use them.
* guix/build-system/trivial.scm (lower): New procedure.
(trivial-build, trivial-cross-build): Remove 'source' parameter. Pass
INPUTS as is.
(trivial-build-system): Adjust accordingly.
* guix/build-system/gnu.scm (%store, inputs-search-paths,
standard-search-paths, expand-inputs, standard-inputs): Remove.
(gnu-lower): New procedure.
(gnu-build): Remove 'source' and #:implicit-inputs? parameters.
Remove 'implicit-inputs' and 'implicit-search-paths' variables. Get
the source from INPUT-DRVS.
(gnu-cross-build): Likewise.
(standard-cross-packages): Remove call to 'standard-packages'.
(standard-cross-inputs, standard-cross-search-paths): Remove.
(gnu-build-system): Remove 'build' and 'cross-build'; add 'lower'.
* guix/build-system/cmake.scm (lower): New procedure.
(cmake-build): Remove 'source' and #:cmake parameters. Use INPUTS and
SEARCH-PATHS as is. Get the source from INPUTS.
* guix/build-system/perl.scm: Likewise.
* guix/build-system/python.scm: Likewise.
* guix/build-system/ruby.scm: Likewise.
* gnu/packages/cross-base.scm (cross-gcc): Change "cross-linux-headers"
to "linux-headers".
(cross-libc)[xlinux-headers]: Pass #:implicit-cross-inputs? #f.
Likewise. In 'propagated-inputs', change "cross-linux-headers" to
"linux-headers".
* guix/git-download.scm (git-fetch): Use 'standard-packages' instead of
'standard-inputs'.
* tests/builders.scm ("gnu-build-system"): Remove use of
'build-system-builder'.
("gnu-build"): Remove 'source' and #:implicit-inputs? arguments to
'gnu-build'.
* tests/packages.scm ("search paths"): Adjust to new build system API.
("package-cross-derivation, no cross builder"): Likewise.
* doc/guix.texi (Build Systems): Add paragraph on bags.
* guix/ui.scm (size->number): Add a bunch of large units. Recognize
one-letter unit names. Change "KB" to "kB".
* tests/ui.scm ("size->number, 1T"): New test.
* doc/guix.texi (Invoking guix gc): Add cross-reference to "Block size"
in the Coreutils manual.
(Invoking guix system): Likewise.
* guix/download.scm (url-fetch): When URL is a string, if it's not a URI
or if it's a URI with 'file' or #f scheme, use 'add-to-store'.
* tests/builders.scm ("url-fetch, file", "url-fetch, file URI"): New
tests.
* guix/snix.scm: Delete.
* guix/import/snix.scm: New file.
* guix/import/pypi.scm: New file.
* guix/import/utils.scm: New file.
* guix/scripts/import/nix.scm: New file.
* guix/scripts/import/pypi.scm: New file.
* tests/pypi.scm: New file.
* tests/snix.scm: Import (guix import snix) module.
* guix/scripts/import.scm (%default-options, %options): Delete.
(%standard-import-options, importers): New variables.
(show-help): List importers.
(guix-import): Factor out Nix-specific logic. Delegate to correct importer
based upon first argument.
* configure.ac (HAVE_GUILE_JSON): New conditional.
* Makefile.am (MODULES): Add new files and remove 'guix/snix.scm'.
(SCM_TESTS): Add 'tests/pypi.scm' if guile-json is installed.
* guix/build/syscalls.scm (network-interfaces): Update docstring.
(%interface-line): New variable.
(all-network-interfaces): New procedure.
* tests/syscalls.scm ("all-network-interfaces"): New test.
("network-interfaces"): Change to make sure the result is a subset
of (all-network-interfaces).
* guix/build/utils.scm (wrap-program): Multiple invocations of
wrap-program for the same file create successive wrappers. Adjust
docstring.
* tests/build-utils.scm: Test new wrap-program behavior.
(%store): New variable.
* guix/gexp.scm (lower-reference-graphs): New procedure.
(gexp->derivation)[graphs-file-names]: New procedure.
Use 'lower-reference-graphs', and augment #:inputs argument as a
function of #:references-graphs.
* doc/guix.texi (G-Expressions): Adjust 'gexp->derivation' documentation
accordingly.
* tests/gexp.scm ("gexp->derivation, store copy"): Remove reference to
TWO in BUILD-DRV. Use TWO directly in #:references-graphs argument.
("gexp->derivation #:references-graphs"): New test.
* gnu/system/vm.scm (qemu-image): Remove variable 'graph'; use INPUTS as
the #:references-graphs argument to
'expression->derivation-in-linux-vm'.
This allows editors to parse warnings correctly.
* guix/scripts/lint.scm (emit-warning): Use 'format' instead of
'warning', to avoid the "guix lint: " prefix in messages.
* tests/lint.scm (call-with-warnings): Indent.
* guix/profiles.scm (manifest-lookup): New procedure.
(manifest-installed?): Use it.
(manifest-transaction-effects): Return a pair of entries for upgrades.
(right-arrow): New procedure.
(manifest-show-transaction)[upgrade-string, →]: New variables.
Report upgrades using 'upgrade-string'.
* tests/profiles.scm ("manifest-show-transaction"): New test.
("manifest-transaction-effects"): Match UPGRADE against a pair.
* nix/nix-daemon/guix-daemon.cc (main): Set 'autoStoreOptimise' to
true. Add 'printMsg' call.
* tests/derivations.scm ("identical files are deduplicated"): New test.
* guix/profiles.scm (manifest-transaction-effects): New procedure.
(manifest-show-transaction): Use it instead of locally computing it.
* tests/profiles.scm (glibc): New variable.
("manifest-transaction-effects"): New test.
Fixes <http://bugs.gnu.org/18305>.
Reported by Brandon Invergo <brandon@gnu.org>.
* guix/profiles.scm (manifest-inputs, info-dir-file): New procedures.
(profile-derivation): Use them. Add #:info-dir? parameter and honor
it.
* guix/scripts/package.scm (guix-package): Call 'profile-derivation'
with #:info-dir? #f when the 'bootstrap? option is set.
* tests/profiles.scm ("profile-derivation"): Pass #:info-dir? #f.
* guix/profiles.scm (<manifest-transaction>): New record-type.
(manifest-perform-transaction): New procedure.
(manifest-show-transaction): New procedure.
* tests/profiles.scm ("manifest-perform-transaction"): New test.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* guix/gexp.scm (<gexp>)[natives]: New field.
(write-gexp): Use both 'gexp-references' and
'gexp-native-references'.
(gexp->derivation): Use both 'gexp-inputs' and 'gexp-native-inputs',
and append them.
(gexp-inputs): Add 'references' parameter and honor it.
(gexp-native-inputs): New procedure.
(gexp->sexp)[reference->sexp]: Add 'native?' parameter and honor it.
Use it, and use 'gexp-native-references'.
(gexp)[collect-native-escapes]: New procedure.
[escape->ref]: Handle 'ungexp-native' and 'ungexp-native-splicing'.
[substitute-ungexp, substitute-ungexp-splicing]: New procedures.
[substitute-references]: Use them, and handle 'ungexp-native' and
'ungexp-native-splicing'.
Adjust generated 'make-gexp' call to provide both normal references
and native references.
[read-ungexp]: Support 'ungexp-native' and
'ungexp-native-splicing'.
Add reader extension for #+.
* tests/gexp.scm (gexp-native-inputs): New procedure.
(gexp->sexp*): Add 'target' parameter.
("ungexp + ungexp-native",
"input list + ungexp-native",
"input list splicing + ungexp-native-splicing",
"gexp->derivation, ungexp-native",
"gexp->derivation, ungexp + ungexp-native"): New tests.
("sugar"): Add tests for #+ and #+@.
* doc/guix.texi (G-Expressions): Document 'ungexp-native' et al.
* guix/gexp.scm (lower-inputs): Add #:system and #:target. Use
'package->cross-derivation' when TARGET is true. Honor SYSTEM.
(gexp->derivation): Add #:target argument. Pass SYSTEM and TARGET to
'lower-inputs' and 'gexp->sexp'.
(gexp->sexp): Add #:system and #:target. Pass them in recursive call
and to 'package-file'.
* tests/gexp.scm (gexp->sexp*): Add 'system' and 'target' parameters.
("gexp->derivation, cross-compilation"): New test.
* guix/monads.scm (package-file): Add #:target keyword parameter and
honor it.
(package->cross-derivation): New procedure.
* tests/monads.scm ("package-file + package->cross-derivation"): New test.
* doc/guix.texi (The Store Monad): Update 'package-file' documentation.
Add 'package->cross-derivation'.
Fixes <http://bugs.gnu.org/17468>.
* guix/ui.scm (fill-paragraph): Two spaces after period and no spaces before newline.
* tests/ui.scm: New test case.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Suggested by Alex Kost <alezost@gmail.com>.
* guix/scripts/package.scm (options->installable)[package->manifest-entry]:
Move to (guix profiles).
[package->manifest-entry*]: New procedure.
Use it.
* guix/profiles.scm (package->manifest-entry): New procedure.
* tests/profiles.scm (guile-for-build): New variable.
Call '%guile-for-build'.
("profile-derivation"): New test.
* guix/profiles.scm (<manifest-entry>)[path]: Rename to...
[item]: ... this. Update users.
(manifest->sexp): Rename to...
(manifest->gexp): ... this. Return a gexp.
(lower-input): Remove.
(profile-derivation): Remove 'store' parameter, and turn into a
monadic procedure.
[inputs]: New variable.
[builder]: Turn into a gexp.
Replace call to 'build-expression->derivation' with call to
'gexp->derivation'.
* guix/scripts/package.scm (link-to-empty-profile): Adjust call to
'profile-derivation', and wrap it in 'run-with-store'.
(show-what-to-remove/install): Rename 'path' to 'item'. Check whether
ITEM is a package, and return its output path if it is.
(input->name+path): Remove.
(options->installable): Set 'item' to P.
(guix-package): Adjust call to 'profile-derivation'.
* tests/profiles.scm (guile-2.0.9): Change 'path' to 'item'.
* tests/guix-register.sh: Remove redundant $new_store in $NIX_STATE_DIR,
introduced in 689142cd ("guix-register: Add '--state-directory'
parameter.") Reported by Eric Bavier <ericbavier@gmail.com> and
Alen Skondro <askondro@gmail.com>.
* nix/guix-register/guix-register.cc (GUIX_OPT_STATE_DIRECTORY): New
macro.
(parse_opt): Honor it.
* tests/guix-register.sh: Add test with '--state-directory'.
* guix/store.scm (register-path): Add #:state-directory parameter.
* guix/records.scm (define-record-type*)[record-inheritance]: Check for
unexpected field names.
* tests/records.scm ("define-record-type* with let* behavior"): Return
#t, not *unspecified*.
("define-record-type* & inherit & extra initializers"): New test.
* tests/records.scm (test-module): New procedure.
("define-record-type* & missing initializers",
"define-record-type* & extra initializers"): New tests.
Partly fixes <http://bugs.gnu.org/18002>.
Reported by David Thompson <dthompson2@worcester.edu>.
* guix/gexp.scm (gexp->derivation): Change #:system to default #f.
Use (%current-system) from within the 'mlet*'.
* tests/gexp.scm ("gexp->derivation, default system"): New test.
* guix/monads.scm (mapm): Don't reverse LST, so that items are processed
from left to right. Bind the result of 'foldm' and reverse it.
* tests/monads.scm ("sequence"): Change 'frob' so it performs its side
effect within an 'mlet' body. Adjust call accordingly.
Fixes <http://bugs.gnu.org/17939>.
Reported by Taylan Ulrich Bayirli/Kammer <taylanbayirli@gmail.com>.
* guix/scripts/package.scm (canonicalize-profile): New procedure.
(%options): Use it for --profile.
* tests/guix-package.sh: Add test.
* guix/scripts/system.scm (read-operating-system) <catch handler>: Add
case for 'syntax-error'. Correct message for default case.
* guix/scripts/offload.scm (build-machines) <catch handler>: Add case
for 'syntax-error'.
* tests/guix-system.sh: New file.
* Makefile.am (SH_TESTS): Add it.
* guix/ui.scm (%guix-user-module): New variable.
(read/eval): Pass it as the second argument to 'eval'.
* guix/scripts/build.scm (options/resolve-packages): Add case for
'gexp?'.
* tests/guix-build.sh: Add tests.
* doc/guix.texi (Invoking guix build): Document '-e gexp'.
guxi build: Allow gexps to be passed to '-e'.
* guix/ui.scm (%guix-user-module): New variable.
(read/eval): Pass it as the second argument to 'eval'.
* guix/scripts/build.scm (options/resolve-packages): Add case for
'gexp?'.
* tests/guix-build.sh: Add tests.
* doc/guix.texi (Invoking guix build): Document '-e gexp'.
* tests/gexp.scm (shebang): New variable.
Skip "gexp->script" when SHEBANG is longer than 127 chars.
* guix/gexp.scm (gexp->script): Add comment on the issue.
* guix/ui.scm (show-what-to-build)[built-or-substitutable?]: New
procedure. Check whether OUT is #f.
Use it.
* tests/ui.scm ("show-what-to-build, zero outputs"): New test.
* guix/monads.scm: Unexport 'lower-inputs' and 'derivation-expression'.
(text-file*): Add comment about the switch to 'gexp->derivation'.
(lower-inputs): Add comment about its doom.
(derivation-expression): Likewise.
* guix/gexp.scm (lower-inputs*): Rename to...
(lower-inputs): ... this. Update callers.
* tests/monads.scm (derivation-expression): New procedure.
* doc/guix.texi (The Store Monad): Use 'gexp->derivation' instead of
'derivation-expression'. Remove documentation of
'derivation-expression'.
* guix/ui.scm (read/eval): Use THE-ROOT-MODULE so that macros are
properly expanded.
* tests/guix-build.sh: Use 'gexp->derivation' instead of
'derivation-expression'.monads: Hide 'derivation-expression' and 'lower-inputs'.
* guix/gexp.scm: New file.
* tests/gexp.scm: New file.
* Makefile.am (MODULES): Add guix/gexp.scm.
(SCM_TESTS): Add tests/gexp.scm.
* doc/guix.texi (Derivations): Add #:inputs in 'derivation' example.
Mark 'build-expression->derivation' as deprecated, refer to
"G-Expressions". Remove paragraph about code strata.
(G-Expressions): New node.
Fixes <http://bugs.gnu.org/17312>.
* guix/scripts/authenticate.scm (guix-authenticate): Add calls to
'set-port-encoding!' and 'set-port-conversion-strategy!'. Wrap body
in 'with-fluids' form that sets '%default-port-encoding' and
'%default-port-conversion-strategy'.
* tests/guix-authenticate.sh: Add test.
* tests/pk-crypto.scm ("hash corrupt due to restrictive locale
encoding"): Add reference to bug.
* guix/pk-crypto.scm (string->canonical-sexp): Pass "ISO-8859-1" as the
2nd argument to 'string->pointer'.
* tests/pk-crypto.scm ("version"): New test.
("hash corrupt due to restrictive locale encoding"): New test.
Fixes situations where the remote 'guix build' is invoked before the
.drv has been completely copied, as reported at
<https://lists.gnu.org/archive/html/guix-devel/2014-04/msg00174.html>.
In some cases 'send-files' would return before the other end is done
importing the files, and so the subsequent 'guix build' invocation would
just miss the .drv file it refers to.
* guix/utils.scm (call-with-decompressed-port): Don't close PORT.
(call-with-compressed-output-port): Likewise.
* tests/utils.scm ("compressed-output-port + decompressed-port"): Adjust
accordingly.
* guix/scripts/offload.scm (send-files): Add explicit (close-pipe pipe)
call.
(retrieve-files): Likewise.
Partially fixes <http://bugs.gnu.org/17212>.
* tests/utils.scm ("fcntl-flock wait", "fcntl-flock non-blocking"): Open
files in binary mode, with no buffering.
* guix/build/union.scm: Rewrite; only 'file=?' remains unchanged. Remove
'tree-union' and 'delete-duplicate-leaves' exports. Merge inputs in a
breadth-first fashion. Follow symlinks for purposes of making decisions
about the merge.
* tests/union.scm: Remove tests of 'tree-union' and 'delete-duplicate-leaves'.
* guix/scripts/package.scm (maybe-register-gc-root): New procedure.
* tests/guix-package.sh (profile): Grep the output of "guix gc
--list-live" in a couple of places.
* guix/nar.scm (restore-file-set)[assert-valid-signature]: Rewrite in
terms of 'signature-case'.
* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp):
Call 'leave' instead of 'raise' when SIGNATURE is invalid.
(&nar-signature-error, &nar-invalid-hash-error): Remove.
(assert-valid-signature): Add 'narinfo' parameter; remove 'port'.
Rewrite in terms of 'signature-case' and 'leave'. Mention NARINFO's
URI in error messages. Adjust caller.
(narinfo-sha256): New procedure.
(assert-valid-narinfo): Use it.
(valid-narinfo?): Rewrite using 'narinfo-sha256' and
'signature-case'.
* tests/substitute-binary.scm (assert-valid-signature,
test-error-condition): Remove.
("corrupt signature data", "unauthorized public key", "invalid
signature"): Remove.
* tests/substitute-binary.scm (%narinfo): Set 'URL', 'Compression', and
'NarHash'.
(call-with-narinfo): Create 'example.out' and 'example.nar'.
("query narinfo without signature", "substitute, no signature",
"substitute, authorized key"): New tests.
* tests/substitute-binary.scm (signature-body): Change 'str' parameter
to 'bv', and expect it to be a bytevector.
(%signature-body, %wrong-signature, %acl): Remove.
(signature): Rename to...
(signature-field): ... this. Add 'bv-or-str' parameter. Change 'str'
parameter to #:version. Add #:public-key parameter. Call
'signature-body' directly. Change domain part of the signature to
'example.gnu.org'.
("not a number", "wrong version number", "valid
narinfo-signature->canonical-sexp"): Use 'signature-field' instead of
'signature' or %SIGNATURE.
(test-error-condition): Add 'message-rx' parameter and honor it.
("corrupt signature data", "unauthorized public key", "invalid
signature"): Adjust accordingly.
(narinfo, %signed-narinfo): Remove.
("query narinfo with invalid hash"): Use '%narinfo' and
'signature-field' instead of 'narinfo' and '%signature'.
("query narinfo signed with authorized key", "query narinfo signed
with unauthorized key", "substitute, invalid hash", "substitute,
unauthorized key"): Likewise.
* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp):
Catch 'gcry-error' around 'string->canonical-sexp' call, and re-raise
as a SRFI-35 &message and &nar-signature-error.
(narinfo-maker): Handle when SIGNATURE is #f or an invalid canonical
sexp.
(&nar-signature-error, &nar-invalid-hash-error): New variables.
(assert-valid-signature): Use them. Expect 'signature' to be a
canonical sexp.
(read-narinfo): Remove authentication and authorization checks.
(%signature-line-rx): New variable.
(assert-valid-narinfo, valid-narinfo?): New procedures.
(guix-substitute-binary): Wrap body in 'with-error-handling'.
[valid?]: New procedure.
<--query>: Show only store items of narinfos that match
'valid-narinfo?'.
<--substitute>: Call 'assert-valid-narinfo'.
* tests/substitute-binary.scm (test-error*): Use 'test-equal'.
(%keypair): Remove.
(%public-key, %private-key): Load from signing-key.{pub,sec}.
(signature-body): Add #:public-key parameter.
(call-with-narinfo): New procedure.
(with-narinfo): New macro.
("corrupt signature data", "unauthorized public key", "invalid
signature"): Make the first argument to 'assert-valid-signature' a
canonical sexp.
("invalid hash", "valid read-narinfo", "valid write-narinfo"):
Remove.
("query narinfo with invalid hash", "query narinfo signed with
authorized key", "query narinfo signed with unauthorized key",
"substitute, invalid hash", "substitute, unauthorized key"): New
tests.
* guix/scripts/substitute-binary.scm (<narinfo>): Add the 'signature'
and 'contents' fields.
(narinfo-signature->canonical-sexp): New function.
(narinfo-maker): Add the 'signature' argument and use it.
(assert-valid-signature): New function.
(read-narinfo): Support the Signature field.
(write-narinfo): Use 'narinfo-contents'.
(%allow-unauthenticated-substitutes?): New variable.
* guix/base64.scm, tests/base64.scm, tests/substitute-binary.scm: New files.
* Makefile.am (SCM_TESTS): Add tests/base64.scm and
tests/substitute-binary.scm.
(MODULES): Add guix/base64.scm.
* test-env.in: Set 'GUIX_ALLOW_UNAUTHENTICATED_SUBSTITUTES'.
* guix/utils.scm (call-with-decompressed-port,
call-with-compressed-output-port): New procedures.
* tests/utils.scm ("compressed-output-port + decompressed-port"):
Rewrite to use them.
* guix/scripts/authenticate.scm (guix-authenticate): Add clauses
for ("rsautl" "-sign" "-inkey" key) and ("rsautl" "-verify" "-inkey" _
"-pubin").
* tests/guix-authenticate.sh (hash): Add test using -sign and -verify in
a pipeline.
* guix/utils.scm (decompressed-port, compressed-port): New procedures.
* guix/scripts/substitute-binary.scm (decompressed-port): Remove.
(guix-substitute-binary): Pass a symbol or #f as the first argument to
'decompress-port'.
* tests/utils.scm ("compressed-port, decompressed-port, non-file"): New
test.
* guix/utils.scm (filtered-port): Make sure the 'execl' child process
always exits, and does (primitive-_exit 1) upon execution failure.
Use 'primitive-_exit' in the 'dump-port' child process.
* tests/utils.scm ("filtered-port, does not exist"): New test.
* guix/pk-crypto.scm (gcrypt-version): New procedure.
* guix/scripts/archive.scm (%key-generation-parameters): New variable.
(%options) <generate-key>: Use it.
* tests/pk-crypto.scm ("sign + verify, Ed25519"): Skip if using gcrypt < 1.6.0.
* guix/pk-crypto.scm (bytevector->hash-data): Add #:key-type parameter.
Use the 'pkcs1' flag when KEY-TYPE is 'rsa', and 'rfc6979' when
KEY-TYPE is 'ecc' or 'dsa'.
(key-type): New procedure.
* guix/scripts/authenticate.scm (read-hash-data): Add 'key-type'
parameter. Pass it to 'bytevector->hash-data'. Adjust caller
accordingly.
* tests/pk-crypto.scm (%ecc-key-pair): New variable.
("key-type"): New test.
("sign + verify"): Pass #:key-type to 'bytevector->hash-data'.
("sign + verify, Ed25519"): New test.
Reported by Nikita Karetnikov <nikita@karetnikov.org>
and Pierre-Antoine Rault <par@rigelk.eu>.
* test-env.in: Change 'NIX_LOG_DIR' in accordance with f5768af.
* tests/guix-register.sh: Likewise for 'NIX_LOG_DIR' and 'NIX_DB_DIR'.